Tanzu Service Mesh, an enterprise-class service mesh, solves the challenges associated with a distributed microservices application by extending service mesh services outside Kubernetes clusters and providing a unified operational layer across heterogeneous platforms and technologies, including virtual machines and other service meshes.

Most service mesh implementations focus on services alone, but this limited approach ignores users and data. Users use services to access data. If your application runs in a multicluster or multicloud environment, you still need to manage communication and access between users, services, and data centrally, without needing to manage the underlying physical infrastructure.

Tanzu Service Mesh elevates the service mesh from the physical boundaries and limitations of a single cluster and a single cloud. With Tanzu Service Mesh, you can control, measure, secure, scale, and operate applications, no matter where their components are deployed, in multiple clusters or multiple public clouds.

Tanzu Service Mesh provides service mesh capabilities for resources in a distributed application by arranging these objects in a logical group called global namespace. A global namespace is not tied to a single cluster and connects resources between two or more clusters. Each global namespace manages service discovery, observability, encryption, policies, and service-level objectives (SLOs) for its objects regardless of where they reside: in multiple clusters, sites, or clouds. For more information about global namespaces, see Global Namespaces.